CVE-2018-18710

CVSS v3.0 5.5 (Medium)

CVSS v2.0 2.1 (Low)

EPSS 0.04 % (11^th)

Affected Products 3

Advisories 66

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

Weaknesses

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Related CVEs

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2018-10-29 12:29:05
(5 years ago)
Updated Date: 2019-04-03 12:39:02
(5 years ago)

Affected Products

Configuration #1

		CPE23	From	Up To
	Linux Kernel 4.19 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 4.19

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:esm
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts
	Canonical Ubuntu Linux 18.10	cpe:2.3:o:canonical:ubuntu_linux:18.10

Configuration #3

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Weaknesses

Related CVEs

Affected Products

Canonical

Debian

Linux

Configuration #1

Configuration #2

Configuration #3